Welcome to Rob's Tools and Utilities Page
HOME
You are welcome to peruse, download, use, and re-distribute any of the tools
contained herein. However, there are some caveats:
- You may NOT re-distribute nor modify the code without keeping the
original author message, README, and Makefile with the package,
if applicable. In other words, don't change two lines and then
re-distribute the code as your own.
- None of these tools or utilities come with ANY warranty either
written or implied. By downloading any tool, you accept full
responsibility for the use, misuse, or abuse of the tool and any
result from such use. The author of the tool is not liable for
the tool and makes no guarantees about their use.
Whew! Glad to have THAT out of the way. ;-) Having said that,
please realize that these are all FREE tools designed to make
life a little easier and in some cases more safe. I hope they do so for you.
Tools
-
ifstatus
, a tool that will generate alerts about network interfaces that have
been placed in promiscuous mode.
-
getsym
, a tool that will give you the value of a given kernel symbol name.
-
wrapper
, a script for heterogenous UNIX environments that want to share a common
binary directory (e.g. /usr/share/bin), but do not want the hassle of
forcing the user community to remember which binary to execute (e.g.
/usr/share/bin/xv.hp, /usr/share/bin/xv.sgi, etc.).
-
memlook
, a tool that allows you to examine the image size, resident set size,
heap size, and stack size, all in bytes, for a given process. You can
also give an interval, in seconds, for continued monitoring.
-
nocando
, a denial shell that provides logging when users with this shell
attempt to gain access. This is a convenient shell for non login
accounts as well as locked accounts.
-
POPpass
, a tool that allows users to change their POP passwords over the
web. A bit dated now, although I still receive requests for it.
-
pwchk
, a tool that verifies and validates login accounts, including
both local and NIS/NIS+ accounts. This is a nice "double check"
to ensure that a created account is actually visible on a given
host.
-
su replacement
, a modified version of the venerable su program that includes
syslog logging as well as the standard sulog logging. I originally
wrote this to prevent users from rebooting HP workstations to
become root. The problem is long since gone, but the code still
provides, IMHO, better logging than standard su.
-
mtaprobe
, an Expect script that probes a mail relay and gathers the type
and version of SMTP software, the ability to run EXPN, and if the
probed server is a wide-open mail relay. This is a nice way to
discover possible SMTP woes on your network.
-
poptart
, an Expect script that probes the POP and IMAP ports of a list
of hosts to determine the type and version of server the host is
running. This can be a nice way to gather information about your
network and verify compliance with standards or susceptibility to
the latest announced vulnerabilities.
-
sockwatch
, a tool that monitors a TCP connection between two hosts. I wrote
this tool to verify that a network was enduring several outages of
an extremely short duration.
-
fw-alert
, is a collection of two Perl scripts. These scripts, when combined
with the FW-1 UserDefined alert option, provide syslog aware real-time
alerts. When generating types and forms of alerts, the scripts are
only as limited as syslogd.
- mods.c
is a quick program designed to query the given STREAMS device and
list all modules in that STREAM. It will also POP the module
closest to the STREAM head.
- throttle
is a Perl program that provides SYN flood defense for Check Point
firewalls. The throttle.pl script is much more reliable and much
less of a burden than SYN Defender.
- myipcheck
is a Perl program that scans a list of IP addresses for any IPs
that belong to a set of netblocks. These netblocks are hard-coded
into the netblocks array contained in the script.
-
coderedscanner
, is a scanner authored by Kirby Kuehl (kkuehl at cisco.com) and myself.
It is multithreaded, lightning fast, highly accurate, and will scan
any size netblock in a very reasonable amout of time.
HOME